Cross-layer Analysis for detecting Wireless Misbehavior

Slides:

Advertisements

Similar presentations

Chris Karlof and David Wagner

Advertisements

Security in Mobile Ad Hoc Networks

SELF-ORGANIZING MEDIA ACCESS MECHANISM OF A WIRELESS SENSOR NETWORK AHM QUAMRUZZAMAN.

Denial of Service in Sensor Networks Anthony D. Wood and John A. Stankovic.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

A Survey of Secure Wireless Ad Hoc Routing

CSE 6590 Department of Computer Science & Engineering York University 1 Introduction to Wireless Ad-hoc Networking 5/4/2015 2:17 PM.

Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1

NGMAST- WMS workshop17/09/2008, Cardiff, Wales, UK A Simulation Analysis of Routing Misbehaviour in Mobile Ad hoc Networks 2 nd International Conference.

Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Secure Routing and Intrusion Detection For Mobile Ad Hoc Networks Anand Patwardhan Jim.

Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.

Secure communication in cellular and ad hoc environments Bharat Bhargava Department of Computer Sciences, Purdue University This is supported.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 3: Trust assumptions and.

An Architecture for Dynamic Trust Monitoring in Mobile Networks Onolaja Olufunmilola, Rami Bahsoon, Georgios Theodoropoulos School of Computer Science.

MANETs A Mobile Ad Hoc Network (MANET) is a self-configuring network of mobile nodes connected by wireless links. Characteristics include: no fixed infrastructure.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

Routing Security in Ad Hoc Networks

Security & Efficiency in Ad- Hoc Routing Protocol with emphasis on Distance Vector and Link State. Ayo Fakolujo Wichita State University.

Security of wireless ad-hoc networks. Outline Properties of Ad-Hoc network Security Challenges MANET vs. Traditional Routing Why traditional routing protocols.

Security Risks for Ad Hoc Networks and how they can be alleviated By: Jones Olaiya Ogunduyilemi Supervisor: Jens Christian Godskesen © Dec

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Copyright: UC Riverside Alleviating the effects of mobility on TCP Performance Signal Strength based Link Management Fabius Klemm *, Srikanth Krishnamurthy.

Wireless Sensor Network Security Anuj Nagar CS 590.

The Feasibility of Launching and Detecting Jamming Attacks in Wireless Networks Authors: Wenyuan XU, Wade Trappe, Yanyong Zhang and Timothy Wood Wireless.

Selective Forwarding Attack: Detecting Colluding Nodes in Wireless Mesh Networks Shankar Karuppayah National Advanced IPv6 Centre (NAv6) Universiti Sains.

A Vehicular Ad Hoc Networks Intrusion Detection System Based on BUSNet.

Copyright © 2006, Dr. Carlos Cordeiro and Prof. Dharma P. Agrawal, All rights reserved. 1 Carlos Cordeiro Philips Research North America Briarcliff Manor,

Hamida SEBA - ICPS06 June 26 th -29 th Lyon France 1 ARMP: an Adaptive Routing Protocol for MANETs Hamida SEBA PRISMa Lab. – G2Ap team

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

1 / 18 Fariba alamshahi Secure Routing and Intrusion Detection in Ad Hoc Networks Supervisor: Mr.zaker Translator: fariba alamshahi.

An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.

Denial of Service (DoS) Attacks in Green Mobile Ad–hoc Networks Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek*** MIPRO 2012, May 21-25,2012, Opatija,

Enhancing TCP Fairness in Ad Hoc Wireless Networks using Neighborhood RED Kaixin Xu, Mario Gerla UCLA Computer Science Department

Shambhu Upadhyaya 1 Ad Hoc Networks Routing Security Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 19)

Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai 28 October 2003.

1 Objective and Secure Reputation-Based Incentive Scheme for Ad-Hoc Networks Dapeng Oliver Wu Electrical and Computer Engineering University of Florida.

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.

Security in Ad Hoc Networks. What is an Ad hoc network? “…a collection of wireless mobile hosts forming a temporary network without the aid of any established.

A Data Intensive Reputation Management Scheme for Vehicular Ad Hoc Networks Anand Patwardhan, Anupam Joshi, Tim Finin, and Yelena Yesha Anand Patwardhan.

Security in Mobile Ad Hoc Networks: Challenges and Solutions (IEEE Wireless Communications 2004) Hao Yang, et al. October 10 th, 2006 Jinkyu Lee.

Ad Hoc Network.

Security in Wireless Ad Hoc Networks. 2 Outline  wireless ad hoc networks  security challenges  research directions  two selected topics – rational.

Security Issues in Distributed Sensor Networks Yi Sun Department of Computer Science and Electrical Engineering University of Maryland, Baltimore County.

Computer Science and Engineering 1 Mobile Computing and Security.

DETECTION AND IGNORING BLACK HOLE ATTACK IN VANET NETWORKS BASED LATENCY TIME CH. BENSAID S.BOUKLI HACENE M.K.FAROUAN 1.

@Yuan Xue CS 285 Network Security Placement of Security Function and Security Service Yuan Xue Fall 2013.

By Jannatul Ferdousi M.TECH(MCNT) Roll no GNIT With guidance of Mr.Dipankar.

Mobile Ad Hoc Networking By Shaena Price. What is it? Autonomous system of routers and hosts connected by wireless links Can work flawlessly in a standalone.

Enforce Collaboration in Mobile Ad Hoc Network Ning Jiang School of EECS University of Central Florida

Presented by Edith Ngai MPhil Term 3 Presentation

TAODV: A Trusted AODV Routing Protocol for MANET

Information Technology - Information Networks

Mobile Ad hoc Network: Secure Issues In Multi-Hop Routing Protocols

CSE 4340/5349 Mobile Systems Engineering

Lei Chen and Wendi B. Heinzelman , University of Rochester

Wenjia Li Anupam Joshi Tim Finin May 18th, 2010

Mobile ad hoc networking: imperatives and challenges

Doctoral Dissertation Research Proposal

Path key establishment using multiple secured paths in wireless sensor networks CoNEXT’05 Guanfeng Li University of Pittsburgh, Pittsburgh, PA Hui Ling.

ITIS 6010/8010 Wireless Network Security

Wireless Sensor Networks (WSN’s) Security Lecture 13

A Secure Ad-hoc Routing Approach using Localized Self-healing Communities MobiHoc, 2005 Presented by An Dong-hyeok CNLAB at KAIST.

An Overview of Security Issues in Sensor Network

Communication Networks

A Vehicular Ad Hoc Network Intrusion Detection System Based on BUSNets

Presentation transcript:

Cross-layer Analysis for detecting Wireless Misbehavior Anand Patwardhan Ph.D Candidate eBiquity Group Computer Science and Electrical Engineering Department October 19, 2005

Securing MANETs Security for resources Trust in other resources Malicious behavior (Activity monitoring) Misuse (Resource protection) Response/recourse (Accountability) Trust in other resources Dependence on recommendations (Identities and Reputations) Reliability of information

Security Issues Wireless communication Short range (802.11, Bluetooth etc.) Open medium Identification and Authentication PKI based solutions infeasible No prior trust relationships Routing Based on dynamic cooperative peer relations Key to survival of MANET Device constraints Power Conservation Finite Storage Computation power

Intrusion Detection Challenges Identity Use SUCVs Mobility, congestion, radio interference False positives Scalability Large radio-ranges or dense networks Aggregation of data Communicate intrusions data to warn others

Packet Forwarding B A C Datagram dgram_in has: Source IPv6 address, x  U – {B,C} Destination IPv6 address, y  U – {B,C} MAC source, mac(u), u  U – {B,C} MAC destination, mac(B) Corresponding dgram_out must have: Source IPv6 address, x Destination IPv6 address, y MAC source, mac(B) MAC destination, mac(u), u ε U – {B,C} dgram_in dgram_out

Stateful Packet Monitoring AODV TCP IPv6 Ethernet Frame { RREQ, RREP, RERR } { TCP Sequence no., TCP checksum } Update in-memory Hash table Build and Maintain Neighbor table (mac, ipv6) pairs And route status From the packet capture library (pcap) Packets that should be forwarded

Threats MAC/PHY level attacks Routing attacks Attacks on data traffic RTS, CTS attacks – gain unfair share of bandwidth, disruption Routing attacks gray holes, black holes, worm holes … Attacks on data traffic Dropping, mangling or injecting data packets Trustworthiness of resources, reliability of information Identities, reputations, trust evolution

MAC vulnerabilities Wireless Misbehavior Prevention MAC protocols have no inbuilt mechanism to prevent unfair contention resolution Adversaries can: gain unfair share of bandwidth temporarily stall parts of the network, affect the routing process Prevention Misbehavior-resilient backoff for contention resolution Challenges and shortcomings Require core MAC protocol to be changed Colluding adversaries can still subvert the scheme

Related Work Proposed approaches Drawbacks Game theoretic models Incentives for fair-sharing Misbehavior resistant MAC contention Drawbacks Colluding adversaries can subvert these schemes Require changing core MAC protocol Inefficient Cannot prevent jamming

Sophisticated attacks Classical attacks are easy to detect using thresholds Packet dropping, mangling,misrouting etc. To evade detection attacker must stay under the detection threshold (insignificant disruption) However more sophisticated attacks are possible Launching attacks at multiple levels, e.g. Combining RTS attacks and packet drops Any single attack signature might not suffice for detection Observations on a single layer in isolation will be inconclusive

Intrusion Detection challenges Classifying intrusions Threshold based False positives – mobility, environmental conditions, limited radio range, short period of observations Increase accuracy and efficiency by Incorporate factors like mobility, congestion and distance in classifying intrusions Use signal strengths, response times to judge distance Monitor media contention and incoming traffic to judge congestion

Trust evolution, reputation management, Cross-layer Analysis Trust evolution, reputation management, recourse Intrusion Detection Application Commendations Accusations (to other devices) Packet dropping, Mangling, injection Transport Routing attacks, disruptions Link Unfair contention, Jamming MAC/PHY Response

Neighbor table size

True positives (no RTS attack)

True positives (RTS attack)

Goodput with RTS attacks

References Jim Parker et al., “Cross Layer Analysis for Detecting Wireless Misbehavior,” Proceedings of CCNC 2006 Anand Patwardhan et al., "Active Collaborations for Trustworthy Data Management in Ad Hoc Networks", Proceedings of the 2nd IEEE International Conference on Mobile Ad-Hoc and Sensor Systems, November 2005 Anand Patwardhan et al., "Secure Routing and Intrusion Detection in Ad Hoc Networks", Proceedings of the 3rd International Conference on Pervasive Computing and Communications, March 2005 Jim Parker et al., "On Intrusion Detection in Mobile Ad Hoc Networks", 23rd IEEE International Performance Computing and Communications Conference -- Workshop on Information Assurance , April 2004